WHAT IS CLAIMED: 

1 . A method for managing access to a service comprising the steps of: 

(A) delegating, to a delegatee by a delegator, over at least one ad hoc network 
in a personal area network, one or more permissions, wherein the one or more permissions 
comprise authority to access the service and to delegate one or more further permissions to one 
or more subsequent delegatees and wherein the one or more permissions are represented using a 
digital signature; 

(B) receiving from at least one of said permitted delegatees data representing 
credential information relating to said one or more permissions via a credential transmission 
mechanism over a second computer network that is different from the at least one personal area 
network; and 

(C) providing access to the service to at least one of said permitted delegatees 
over said second computer network. 

2. The method of claim 1 wherein said credential transmission mechanism 
comprises including said data in a header of an http request for a web page. 

3. The method of claim 1 wherein said credential transmission mechanism 
comprises including said data in a URL. 

4. The method of claim 1 wherein said credential transmission mechanism 
comprises including said data in a cookie within an http request. 

5. The method of claim 1 wherein said personal area network comprises two or more 
devices that transmit data by infrared light waves. 

6. The method of claim 1 wherein said personal area network comprises two or more 
devices that transmit data by digital short-range radio waves. 
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7. A system for managing access to a service comprising: 

a delegation device that delegates to a delegatee from a delegator, over at least 
one ad hoc network in a personal area network, one or more permissions, wherein the one or 
more permissions comprise authority to delegate one or more further permissions to one or more 
subsequent delegatees and wherein the one or more permissions are represented using a digital 
signature; 

one or more first servers that receive from at least one of said permitted 
delegatees data representing credential information relating to said one or more permissions via a 
credential transmission mechanism over a second computer network that is different from the 
personal area network; and that provide access to the service to at least one of said permitted 
delegatees over said second computer network. 

8. The system of claim 7 wherein said credential transmission mechanism comprises 
including said data in a header of an http request for a web page. 

9. The system of claim 7 wherein said credential transmission mechanism comprises 
including said data in a URL. 

10. The system of claim 7 wherein said credential transmission mechanism comprises 
including said data in a cookie within an http request. 

1 1 . The system of claim 7 wherein said personal area network comprises two or more 
devices that transmit data by infrared light waves. 

12. The system of claim 7 wherein said personal area network comprises two or more 
devices that transmit data by digital short-range radio waves. 
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(aV delegating, to a delegatee by a delegator, one or more permissions, wherein the 
one or more permissions comprise authority to access the service and to delegate one or more 
further permissions ro one or more subsequent delegatees and wherein the one or more 
permissions are representbd using a digital signaturei 

(B) receiving from atskast one of said oernMtted delegatees data representing 
credential information relating to saio^ne or more permissions, wherein said data is included in 
a header of an http request for a web page/^3^ver a second computer network that is different from 
the at least one personal area network; and \ 

(C) providing access to the service to at lea^tone of said permitted delegatees over 
said second computer network. \^ 

14. A method for managing access to a service comprising the steps of: 

(A) delegating, to a delegatee by a delegator, one or more permissions, wherein the 
e or more permissions comprise authority to access! the service and to delegate one or more 

further permissions to one or more subsequent delegatees and wherein the one or more 
permissions are represented using a digital signature; 

(B) receiving from at least one of said pemiitted delegatees data representing 
credential information relating to said one or more permissions, wherein said data is included in 
a URL, over a second computer network that is different from the at least one personal area 
network; and I 

(C) providing access to the service to at least pne of said permitted delegatees over 
said second computer network. 1 

15. A method for managing access to a service comprising the steps of: 
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(A) delegating, to a delegatee by a delega :ov, one or more permissions, wherein the 
one or more permissions comprise authority to acce js the service and to delegate one or more 
further permissions to one or more subsequent delej atees and wherein the one or more 
permissions are represented using a digital signature ; 

(B) receiving from at least one of said pe mitted delegatees data representing 
credential information relating to said one or more p£ 
a cookie within an http request, over a second compi ler network that is different from the at least 
one personal area network; and 

(C) providing access to the service to at lejast one of said permitted delegatees over 
said second computer network. 

A system for managing access to a service comprising: 
a^ielegation device that delegates to a delegatee from a delegator one or more 
permissions, wherein uk^ne or more permissions comprise authority to delegate one or more 
further permissions to one or mqre subsequent delegate/es andj^herein the one or more 
permissions are represented using a oigital signature; 

one or more first servers that receive from at least one of said permitted 
delegatees data representing credential information rbl^ing to said one or more permissions in a 
header of an http request for a web page over a second computer network that is different from 
the personal area network; and that provide access to the service toM^^ast one of said permitted 
delegatees over said second computer network. 



1 7. A system for managing access to a service 
a delegation device that delegates to a del 



permissions, wherein the one or more permissions comprise authority to delegate one or more 



compnsmg: 

jgatee from a delegator one or more 
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further permissions to one or more subsequent de legatees and wherein the one or more 
permissions are represented using a digital signature; 

one or more first servers that rece ve from at least one of said permitted 
delegatees data representing credential informati on relating to said one or more permissions in a 
URL over a second computer network that is dilferent from the personal area network; and that 
provide access to the service to at least one of s; lid permitted delegatees over said second 
computer network. 

18. A system for managing access td a service compnsmg: 

a delegation device that delegate 5 to a delegatee from a delegator one or more 
permissions, wherein the one or more permissic ns comprise authority to delegate one or more 



further permissions to one or more subsequent 
permissions are represented using a digital sigr 



ielegatees and wherein the one or more 
ature; 



one or more first servers that receive from at least one of said permitted 
delegatees data representing credential informs tion relating to said one or more permissions in a 
cookie within an http request over a second coinputer network that is different firom the personal 
area network; and that provide access to the sejvice to at least one of said permitted delegatees 
over said second computer network. 
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